Extracting the pure data of the packet and resending it.

Nov 6, 2013 at 6:07 PM
Hello all, i am trying to decrypting the communications between an ABB PLC and its operator panel, i know ( using WireShark ) that the PLC open a TCP/IP connection to the computer and send two kind of tcp/ip packets, one of 1204 bytes and other of 895 bytes, all the time is the same, two packets with the same lenght and same order.
I managed to decrypt the packet, now i wrote an app that capture these two packets and send it to other computer that has a software that can decrypt the data of the packets and record it.
I only have one question, i want to serve to the other app only the useful part of the packets, my app open two listening ports, one for the big packet and the other for the small one.
Once the app connect with my app, everytime i capture a packet proceeding from the PLC and with destination the operator panel, i will send a copy of the data to the other computer.

Here is where i have the question, i see that the packet object has this object:
Packet.Ethernet.IpV4.Payload
This is where i suppose that the real information is, i mean that this is the information purely.
Now i want to send this using my socket with the method send() this method need a byte array to send but i can not find any conversion between Payload and Byte[].
The nearest aproximation is to decode the payload first and encode it again, something like this:
byte[] datos = ASCIIEncoding.Default.GetBytes(packet.Ethernet.IpV4.Payload.Decode(ASCIIEncoding.Default));

The size of the Payload and the data to be send are the same but i dont know if this is correct, can anyone help me, maybe there is other method that can make this more easy?
Coordinator
Nov 22, 2013 at 11:16 AM
Hi CuninganReset,

If you just need to convert the Payload to Byte[] you can do one of the followin:
  1. Use ToMemoryStream() to create a MemoryStream object and use it for your needs.
  2. Use Write() to copy the data directly to a Byte[].
I hope this helps,

Boaz.